[Pkg-shadow-commits] r3330 - in debian/branches/squeeze/debian: . patches
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Sat Jun 4 21:56:53 UTC 2011
Author: nekral-guest
Date: 2011-06-04 21:56:53 +0000 (Sat, 04 Jun 2011)
New Revision: 3330
Added:
debian/branches/squeeze/debian/patches/300_CVE-2011-0721
Modified:
debian/branches/squeeze/debian/changelog
debian/branches/squeeze/debian/patches/series
Log:
Updated according to 1:4.1.4.2+svn3283-2+squeeze1.
Modified: debian/branches/squeeze/debian/changelog
===================================================================
--- debian/branches/squeeze/debian/changelog 2011-06-04 21:43:19 UTC (rev 3329)
+++ debian/branches/squeeze/debian/changelog 2011-06-04 21:56:53 UTC (rev 3330)
@@ -1,3 +1,11 @@
+shadow (1:4.1.4.2+svn3283-2+squeeze1) stable-security; urgency=high
+
+ * The "Tomanoix" release.
+ * debian/patches/300_CVE-2011-0721: Fix insufficient input sanitation
+ leading to possible user or group creation in NIS environments.
+
+ -- Nicolas FRANCOIS (Nekral) <nicolas.francois at centraliens.net> Sun, 13 Feb 2011 22:02:28 +0100
+
shadow (1:4.1.4.2+svn3283-2) unstable; urgency=low
* The "Bleu du Vercors-Sassenage" release.
Added: debian/branches/squeeze/debian/patches/300_CVE-2011-0721
===================================================================
--- debian/branches/squeeze/debian/patches/300_CVE-2011-0721 (rev 0)
+++ debian/branches/squeeze/debian/patches/300_CVE-2011-0721 2011-06-04 21:56:53 UTC (rev 3330)
@@ -0,0 +1,57 @@
+Goal: Input sanitization for chfn and chsh
+
+Fixes: CVE-2011-0721
+
+Status wrt upstream: Already applied upstream (4.1.4.3)
+
+--- a/src/chfn.c
++++ b/src/chfn.c
+@@ -551,14 +551,14 @@
+ static void check_fields (void)
+ {
+ int err;
+- err = valid_field (fullnm, ":,=");
++ err = valid_field (fullnm, ":,=\n");
+ if (err > 0) {
+ fprintf (stderr, _("%s: name with non-ASCII characters: '%s'\n"), Prog, fullnm);
+ } else if (err < 0) {
+ fprintf (stderr, _("%s: invalid name: '%s'\n"), Prog, fullnm);
+ fail_exit (E_NOPERM);
+ }
+- err = valid_field (roomno, ":,=");
++ err = valid_field (roomno, ":,=\n");
+ if (err > 0) {
+ fprintf (stderr, _("%s: room number with non-ASCII characters: '%s'\n"), Prog, roomno);
+ } else if (err < 0) {
+@@ -566,17 +566,17 @@
+ Prog, roomno);
+ fail_exit (E_NOPERM);
+ }
+- if (valid_field (workph, ":,=") != 0) {
++ if (valid_field (workph, ":,=\n") != 0) {
+ fprintf (stderr, _("%s: invalid work phone: '%s'\n"),
+ Prog, workph);
+ fail_exit (E_NOPERM);
+ }
+- if (valid_field (homeph, ":,=") != 0) {
++ if (valid_field (homeph, ":,=\n") != 0) {
+ fprintf (stderr, _("%s: invalid home phone: '%s'\n"),
+ Prog, homeph);
+ fail_exit (E_NOPERM);
+ }
+- err = valid_field (slop, ":");
++ err = valid_field (slop, ":\n");
+ if (err > 0) {
+ fprintf (stderr, _("%s: '%s' contains non-ASCII characters\n"), Prog, slop);
+ } else if (err < 0) {
+--- a/src/chsh.
++++ b/src/chsh.c
+@@ -528,7 +528,7 @@
+ * users are restricted to using the shells in /etc/shells.
+ * The shell must be executable by the user.
+ */
+- if (valid_field (loginsh, ":,=") != 0) {
++ if (valid_field (loginsh, ":,=\n") != 0) {
+ fprintf (stderr, _("%s: Invalid entry: %s\n"), Prog, loginsh);
+ fail_exit (1);
+ }
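Review bot: In the src/chfn.c part, the newline is only rejected because each call site now lists "\n" in its own illegal-character string, while the `err > 0` branches for fullnm, roomno and slop still just print a "non-ASCII characters" message and continue without `fail_exit`. If valid_field reports other control characters through that positive return value, they are still accepted in those three fields. It would be more robust to make valid_field itself fail on control characters than to repeat the literal at each call site in chfn.c and chsh.c. Separately, the inner file header reads `--- a/src/chsh.` without the trailing `c`, which does not match `+++ b/src/chsh.c` and should be corrected.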
Modified: debian/branches/squeeze/debian/patches/series
===================================================================
--- debian/branches/squeeze/debian/patches/series 2011-06-04 21:43:19 UTC (rev 3329)
+++ debian/branches/squeeze/debian/patches/series 2011-06-04 21:56:53 UTC (rev 3330)
@@ -18,3 +18,4 @@
523_su_arguments_are_no_more_concatenated_by_default
508_nologin_in_usr_sbin
505_useradd_recommend_adduser
+300_CVE-2011-0721
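Review bot: 300_CVE-2011-0721 is appended as the last entry, after 505_useradd_recommend_adduser, so it is applied on top of every other patch in the series. Its hunks are pinned to src/chfn.c line 551 and src/chsh.c line 528, so confirm with a full series apply that no earlier patch shifts or modifies those regions and that the fix applies without fuzz.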